120.92.133.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 29 15:52:49 typhoon sshd[17552]: Failed password for invalid user malcom from 120.92.133.21 port 43692 ssh2 Jul 29 15:52:49 typhoon sshd[17552]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth] Jul 29 16:01:08 typhoon sshd[17569]: Failed password for invalid user spotlight from 120.92.133.21 port 20780 ssh2 Jul 29 16:01:08 typhoon sshd[17569]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth] Jul 29 16:05:37 typhoon sshd[17579]: Failed password for invalid user stalin from 120.92.133.21 port 52128 ssh2 Jul 29 16:05:38 typhoon sshd[17579]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth] Jul 29 16:08:46 typhoon sshd[17585]: Failed password for invalid user deployment from 120.92.133.21 port 18962 ssh2 Jul 29 16:08:46 typhoon sshd[17585]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth] Jul 29 16:12:02 typhoon sshd[17596]: Failed password for invalid user pych from 120.92.133.21 port 50306 ssh2 Jul 29 16:12:02 typhoon........ -------------------------------	2019-08-01 20:42:04

Type

Details

Datetime

attack

Jul 29 15:52:49 typhoon sshd[17552]: Failed password for invalid user malcom from 120.92.133.21 port 43692 ssh2
Jul 29 15:52:49 typhoon sshd[17552]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth]
Jul 29 16:01:08 typhoon sshd[17569]: Failed password for invalid user spotlight from 120.92.133.21 port 20780 ssh2
Jul 29 16:01:08 typhoon sshd[17569]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth]
Jul 29 16:05:37 typhoon sshd[17579]: Failed password for invalid user stalin from 120.92.133.21 port 52128 ssh2
Jul 29 16:05:38 typhoon sshd[17579]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth]
Jul 29 16:08:46 typhoon sshd[17585]: Failed password for invalid user deployment from 120.92.133.21 port 18962 ssh2
Jul 29 16:08:46 typhoon sshd[17585]: Received disconnect from 120.92.133.21: 11: Bye Bye [preauth]
Jul 29 16:12:02 typhoon sshd[17596]: Failed password for invalid user pych from 120.92.133.21 port 50306 ssh2
Jul 29 16:12:02 typhoon........
-------------------------------

2019-08-01 20:42:04

Comments on same subnet:

IP	Type	Details	Datetime
120.92.133.32	attackspam	Jun 2 06:40:10 Tower sshd[4745]: refused connect from 47.110.58.52 (47.110.58.52) Jun 2 09:27:45 Tower sshd[4745]: refused connect from 60.191.141.80 (60.191.141.80) Jun 2 16:28:17 Tower sshd[4745]: Connection from 120.92.133.32 port 24048 on 192.168.10.220 port 22 rdomain "" Jun 2 16:28:18 Tower sshd[4745]: Failed password for root from 120.92.133.32 port 24048 ssh2 Jun 2 16:28:18 Tower sshd[4745]: Received disconnect from 120.92.133.32 port 24048:11: Bye Bye [preauth] Jun 2 16:28:18 Tower sshd[4745]: Disconnected from authenticating user root 120.92.133.32 port 24048 [preauth]	2020-06-03 04:48:33
120.92.133.32	attackbotsspam	prod11 ...	2020-05-23 01:07:15
120.92.133.32	attack	May 12 14:08:33 meumeu sshd[31744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 May 12 14:08:35 meumeu sshd[31744]: Failed password for invalid user system from 120.92.133.32 port 27218 ssh2 May 12 14:10:44 meumeu sshd[32115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 ...	2020-05-12 20:34:06
120.92.133.32	attackspam	Fail2Ban Ban Triggered	2020-04-21 23:38:28
120.92.133.32	attackbotsspam	Apr 19 12:02:22 webhost01 sshd[16507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 Apr 19 12:02:24 webhost01 sshd[16507]: Failed password for invalid user ubuntu from 120.92.133.32 port 6522 ssh2 ...	2020-04-19 13:40:36
120.92.133.32	attackspam	SSH Invalid Login	2020-04-08 07:35:54
120.92.133.32	attackbots	[ssh] SSH attack	2020-04-06 04:04:09
120.92.133.32	attackbotsspam	3x Failed Password	2020-03-19 03:29:30
120.92.133.32	attack	Mar 17 20:48:55 mockhub sshd[31728]: Failed password for root from 120.92.133.32 port 24636 ssh2 ...	2020-03-18 13:47:10
120.92.133.32	attackbotsspam	Feb 29 14:57:44 wbs sshd\[8630\]: Invalid user admin from 120.92.133.32 Feb 29 14:57:44 wbs sshd\[8630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 Feb 29 14:57:45 wbs sshd\[8630\]: Failed password for invalid user admin from 120.92.133.32 port 44070 ssh2 Feb 29 15:05:43 wbs sshd\[9275\]: Invalid user boserver from 120.92.133.32 Feb 29 15:05:43 wbs sshd\[9275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32	2020-03-01 09:15:52
120.92.133.32	attack	Unauthorized connection attempt detected from IP address 120.92.133.32 to port 2220 [J]	2020-01-13 22:39:01
120.92.133.32	attack	Dec 22 10:49:43 MK-Soft-Root2 sshd[10957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.133.32 Dec 22 10:49:45 MK-Soft-Root2 sshd[10957]: Failed password for invalid user suda from 120.92.133.32 port 28068 ssh2 ...	2019-12-22 21:41:32
120.92.133.32	attackspambots	Dec 15 15:43:26 v22018086721571380 sshd[5970]: Failed password for invalid user mysql from 120.92.133.32 port 27394 ssh2 Dec 15 16:00:08 v22018086721571380 sshd[7043]: Failed password for invalid user test from 120.92.133.32 port 63482 ssh2	2019-12-15 23:47:17
120.92.133.32	attackbotsspam	2019-12-07T23:30:51.710319abusebot.cloudsearch.cf sshd\[6444\]: Invalid user admin from 120.92.133.32 port 37794	2019-12-08 07:49:05
120.92.133.32	attack	Brute-force attempt banned	2019-12-06 09:45:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.133.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15669
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.133.21.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 20:41:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 21.133.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 21.133.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.237.109.248	attack	SpamScore above: 10.0	2020-04-23 13:27:23
114.217.244.155	attackspambots	Unauthorized connection attempt detected from IP address 114.217.244.155 to port 88 [T]	2020-04-23 13:09:11
51.79.69.137	attackspam	Invalid user xs from 51.79.69.137 port 40344	2020-04-23 13:08:53
167.99.66.158	attackbotsspam	2020-04-23T07:38:16.519545ns386461 sshd\[5191\]: Invalid user postgres from 167.99.66.158 port 51002 2020-04-23T07:38:16.524089ns386461 sshd\[5191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.158 2020-04-23T07:38:19.102516ns386461 sshd\[5191\]: Failed password for invalid user postgres from 167.99.66.158 port 51002 ssh2 2020-04-23T07:41:07.790858ns386461 sshd\[7911\]: Invalid user mr from 167.99.66.158 port 58180 2020-04-23T07:41:07.795301ns386461 sshd\[7911\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.158 ...	2020-04-23 13:42:16
200.31.19.206	attackbotsspam	Apr 23 07:07:16 xeon sshd[63650]: Failed password for invalid user ubuntu from 200.31.19.206 port 34001 ssh2	2020-04-23 13:12:40
106.13.41.25	attackbotsspam	failed root login	2020-04-23 13:27:44
92.222.92.114	attackspam	Apr 22 18:48:47 auw2 sshd\[7685\]: Invalid user bz from 92.222.92.114 Apr 22 18:48:47 auw2 sshd\[7685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-92-222-92.eu Apr 22 18:48:49 auw2 sshd\[7685\]: Failed password for invalid user bz from 92.222.92.114 port 34874 ssh2 Apr 22 18:52:58 auw2 sshd\[7946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-92-222-92.eu user=root Apr 22 18:53:00 auw2 sshd\[7946\]: Failed password for root from 92.222.92.114 port 49196 ssh2	2020-04-23 12:58:22
175.99.95.246	attackbotsspam	Invalid user kw from 175.99.95.246 port 56226	2020-04-23 13:20:41
185.175.93.17	attackbots	Fail2Ban Ban Triggered	2020-04-23 13:19:11
113.163.5.209	attackbots	SSH Login Bruteforce	2020-04-23 13:07:35
46.105.148.212	attackbotsspam	Invalid user ubuntu from 46.105.148.212 port 47392	2020-04-23 13:00:18
54.37.229.128	attackbots	2020-04-22T23:09:27.397459linuxbox-skyline sshd[10909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.229.128 user=root 2020-04-22T23:09:29.279983linuxbox-skyline sshd[10909]: Failed password for root from 54.37.229.128 port 59314 ssh2 ...	2020-04-23 13:47:42
140.143.247.245	attackbotsspam	Apr 23 05:49:09 ns381471 sshd[7803]: Failed password for root from 140.143.247.245 port 35796 ssh2	2020-04-23 13:18:01
170.246.69.171	attackbotsspam	Automatic report - Port Scan Attack	2020-04-23 13:43:22
118.27.37.223	attackspambots	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-04-23 13:50:54

Recently Reported IPs

78.194.237.128	51.158.164.121	20.27.243.250	80.254.98.176
180.126.239.159	175.143.96.177	123.206.51.192	123.57.34.176
77.222.187.166	115.218.193.61	166.176.218.193	237.229.230.6
235.4.219.229	188.95.176.44	83.103.112.218	37.202.105.102
83.96.115.24	113.61.34.46	61.65.59.59	197.44.162.62